A critical vulnerability, identified as CVE-2025-43362 with a CVSS score of 9.8, has been discovered in Apple's iOS and iPadOS. This flaw allows a malicious application to monitor and capture user keystrokes without requiring any permission, potentially leading to the theft of sensitive information such as login credentials, financial data, and private messages. Organizations are urged to update all affected devices immediately to prevent potential data breaches.

The vulnerability stems from insufficient permission checks within the operating system. A specially crafted application installed on a device can exploit this weakness to gain unauthorized access to the system's keyboard input stream. This allows the application to function as a keylogger, capturing all text entered by the user across all other applications without their knowledge or consent.

This vulnerability is rated as critical severity with a CVSS score of 9.8, posing a significant risk to the organization. Successful exploitation could lead to a severe confidentiality breach, as attackers can capture employee credentials for corporate networks, VPNs, and cloud services. Furthermore, sensitive customer data, financial information, and other proprietary details entered on compromised devices could be exfiltrated. The potential consequences include financial loss, reputational damage, and regulatory penalties related to data protection.

Immediate Action: Update all corporate-managed and Bring-Your-Own-Device (BYOD) iPhones and iPads to iOS 18.7 or iPadOS 18.7, or the latest available version. Prioritize patching for devices used by executives and employees with access to sensitive systems.

Proactive Monitoring: Utilize Mobile Device Management (MDM) and Mobile Threat Defense (MTD) solutions to monitor for suspicious application behavior on endpoints. Review network logs for unusual outbound traffic from mobile devices, which could indicate data exfiltration. System logs should be checked for any unauthorized processes attempting to access user input services.

Compensating Controls: If immediate patching is not feasible, enforce strict application vetting policies to prevent the installation of untrusted or non-essential third-party apps. Use MDM policies to restrict app installation sources to the official Apple App Store. Educate users on the dangers of sideloading applications and the importance of installing security updates promptly.

Public Exploit Available: false

Given the critical CVSS score of 9.8 and the severe risk of credential and data theft, we strongly recommend that organizations treat this vulnerability as an immediate and high-priority threat. The remediation plan, centered on deploying the security updates provided by Apple, should be executed without delay. A comprehensive audit of all managed mobile devices should be conducted to ensure they are updated to a patched version.